- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
cookbooks
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/heat/heat.conf] to
resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Add missing ChefSpec tests
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
- Cleanup array syntax using %w() instead of []
Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706101
Depends-On: https://review.opendev.org/706151
Depends-On: https://review.opendev.org/706157
Depends-On: https://review.opendev.org/708059
Depends-On: https://review.opendev.org/713285
Change-Id: Ifb3a9de9eecc370e46f43a73ed77008a7b21594b
This provides a collection of fixes required to converge properly:
- fog-openstack-1.x already appends "auth/tokens" so we no longer need
to do that
- Remove references to deprecated
node['openstack']['api']['auth']['version'] attribute
- Remove creation of admin deprecated endpoints
- Add python-heat to common packages on Debian system so that the
heat-manage binary is available
- Remove and refactor use of deprecated identity_uri_transform function
Change-Id: Idfd9aed09ccd5c3871cac71dbe0b51c921f1ec0e
Signed-off-by: Lance Albertson <lance@osuosl.org>
- currently non-admin user aren't able to create stacks with i.e.
Resource OS::Heat::SoftwareDeployment
- added heat domain
heat domain_admin
heat_stack_owner and user role
- added missing configuration options
- fixed some smaller ruby /cookstyle offenses
Change-Id: I6ae544dcc6260050304e66e227383e0e944a6bb6
- Switched default linter to cookstyle
- Renamed rake tasks to better conform with Chef conventions
- Normalized template banner
Change-Id: Icc3eca4b2d17a6d1ef66c1c7e75513de0ee3cac9
In contrast to other identity URIs, the auth_uri in the client_keystone
section of heat.conf must be the unversioned identity endpoint,
otherwise most resources will not work.
Change-Id: I9888e0b69c3ba2a60e3ac7bb84261ace6688b9e3
* use new logic for heat.conf template
* move all attributes that are used in heat.conf to
attributes/heat_conf.rb
* remove all attributes that are just setting default values
* add new default attributes so that the authorisation setup will be
functional again
* refactored endpoint and bind_service logic to fit the new common
cookbook
* adapt specs accordingly
* removed qpid as a messaging option (can be included in a wrapper)
* removed fedora as supported platform
* removed deprecated Gemfile
* removed logic for setting up a dedicated domain for Heat, should be
done in a wrapper
* update README.md accordingly (still incomplete)
Implements: blueprint cookbook-refactoring
Change-Id: I16a29e28068d106f0edcbe04cb529aabbbed1ac5
Cleaned up all the minor rubocop issues, the ones left relate to
complex logic and what I think is a bug in rubocop for nested
vs compact modules/class definitions.
Change-Id: I75515d7b1faadb6de6377081fc7d5281a4c64c7d
Remove deprecated keys and use identity_uri via the new transform
helper method.
Change-Id: I988a902d42942109047bcc69d4b02ec4ba66ae41
Implements: blueprint identity-uri
Now that admin_endpoint, public_endpoint, and internal_endpoint
in the common library are working, these are the changes to use
them in the openstack-orchestration recipes.
Partial-Bug: 1412919
Change-Id: Ib89150c12ea833137b5f96c8ac5443c8aac364b4
To avoid unauthorized users to read secrete information in
heat.conf, heat.conf should be set as 640 instead of 644.
Fix bug 1370870
Change-Id: I02756cea10113ca89ddeaa9232d04c75380756e8
*_python_packages attributes are being moved to -common in order to
remove the duplication from all the cookbooks which are using them
Change-Id: Ia0d26ef915dc27b8654d1ed0dec63b2ecef05743
Implements: blueprint move-python-db-client-attrs-to-common
We need to explicitly run heat-manage with heat user/group.
Running as root may cause files in /var/log/heat/* to be owned by
root, and this will cause heat services from being able to start (due
to being unable to write to files in that directory).
This is a non-issue when you install from packages as the package
post-install typically does a heat-manage with the correct user, and
this ensures logs are created w/ correct ownership.
Change-Id: I6aede4f2b768cb191527ec27b0c8132c0582ebf2
The common recipe has been pulling in the entire
python-keystone package, which is the entire Keystone
set of services. This hasn't been necessary since
some time after Grizzly, when the tokenauth middleware
was moved to the client.
Change-Id: Ifb133d570e2ad94df822aa512edeb37aabdf349b
Related-Bug: #1305318
Sometimes you want the actual endpoint IP to be a load
balanced IP, but the bind IP to be a local IP (different per node).
This change allows that by using attributes from the [orchestration-*-bind]
namespace
Implements blueprint increase-ip-binding-flexibility
Change-Id: I9ea0e1e61c23026bf24926b264e289ff80314ac2
Currently, qpid's password is stored in an attribute in the common
cookbook. This change causes the password to be looked up via
get_password method, which is how we obtain the rabbitmq password.
Change-Id: Ia617f406041da7d03867be5b347fdbb52e1fb2e3
Implements: blueprint use-data-bag-for-qpid-password
Rebase and resolve conficts with latest codes
Move to use "get_password" instead of "{user,service,db}_password"
Change-Id: Ia14344b81c75724b35bf556e42fd4297428f4631
It appears orchestration was missing in the rubocop blueprints. Bringing it
up to par with the other cookbooks.
- Update rubocop config to include recipes/**
- Update recipes to comply with rubocop
Change-Id: I17a4ee2378bac48cda0b96ae6ad4f9db8916f1b6
This change removes the attributes we'll be moving to openstack-common
and changes reference of those attributes to reflect new (more
consistent) namespace.
Also remove Berksfile.lock so that updated version of common cookbook is
used.
Change-Id: I6d6b3849671d56d337aced0f8288b6a201f80ac0
Implements: blueprint clean-up-attr-for-mq-and-db
This new cookbook supports the installation and configuraiton for heat services.
More pedantic patches will follow to make Rubocop happy.
Implements: blueprint heat-support
Change-Id: I8b734b7124c49190a68acc4d0da28a31da03ac57
Ghanshyam Mann